v1.4.0
Changelog
Contributors: @christophetd @JulesDT @mchaffe @xen0ldog
Overview:
- Enhance Kubernetes support
- 3 new Kubernetes attack techniques: Run a Privileged Pod, Create Admin ClusterRole, Steal Pod Service Account Token
- Parallelize commands when running
stratus (warmup|detonate|cleanup)on multiple attack techniques
Complete changelog:
- d4ac261 Add detection docs for k8s.credential-access.steal-serviceaccount-token
- ba5b171 Add detection docs for k8s.privilege-escalation.privileged-pod
- d38be65 Add thirdyparty-licenses target
- 1245549 Address comments
- 6f1f1af Customize K8s user-agent
- 2fd4316 Ensure all attack techniques are properly instantiating the AWS provider (closes #84)
- 11f8de6 Fix docs
- 3dc0656 Fix duplicate IAM role name
- 30e948c Fix typo in PR template
- 24b1388 Network interfaces not attached to ec2 instances instances
- f47a4d0 New attack technique: Create ClusterAdmin role
- 2125cbf New attack technique: Create privileged K8s pod (closes #92)
- cdce7cc New attack technique: Steal pod service account token (closes #98)
- c234ca1 Parallelization of commands: Enhance warmup
- abecfbf Parallelization of commands: Fix cleanup command
- 6aabb3d Parallelization of commands: Fix warmup
- e5e40b0 Parallelization of detonate command
- 5d88ada Parallelization of revert command
- 02b8784 Parallelization: fix wrong length for error handling
- f2ce722 Parallelization: fix wrong length for error handling (again)
- 7bfe8c0 Recategorize 'create-admin-clusterrole' as persistence rather than privesc
- b03bfbc Recategorize 'create-admin-clusterrole' as privesc rather than persistence
- 016ecbf Remove thirdparty-dependencies Makefile target from default targets
- 07ee658 Update philosophy
- 85bcc7c Update third-party licenses
- 1ec5983 make commands run in parallel
Contributors
christophetd, mchaffe, and 2 other contributors